--- /usr/src/parselog-0.09/lib/Log/Parse.pm 2005-07-07 06:52:49.000000000 -0700
+++ /home/vincent/code2007/Parse.pm 2007-01-26 15:27:51.562065760 -0800
@@ -485,13 +485,9 @@
line => '',
@_,
);
+ #Oct 23 03:57:51 star amavis[31592]: (31592-06) Blocked INFECTED (HTML.Phishing.Bank-851), [216.118.97.135] <#[email protected]> -> <[email protected]>, quarantine: 3qmwV5iZsy3S, Message-ID: <E1GbxV1-0003#[email protected]>, mail_id: 3qmwV5iZsy3S, Hits: -, 4296 ms

- #
- # mx01ch amavis[15665]: (15665-08) INFECTED (W32/Netsky.AK@mm),
- # <[email protected]> -> <[email protected]>,
- # quarantine virus-20050307-151909-15665-08, Message-ID: , Hits: -
- #
- if ($args{line} !~ m/(.*?) amavis.*?\[.*?\]: (.*?), <.*?> -> <.*?@(.*?)>,/) {
+ if ($args{line} !~ m/(.*?) amavis.*?\[.*?\]: (.*?) <.*?> -> <.*?@(.*?)>,/) {
return;
}

@@ -605,7 +601,7 @@
RRDs::create($args{rrd},
'--start', $start - $step,
'--step', $step,
- 'DS:hits:GAUGE:'.$step.':0:U',
+ 'DS:hits:ABSOLUTE:'.$step.':0:U',
split(' ', $self->{rrdrra}),
);

@@ -613,7 +609,7 @@
if ($err) {
warn "RRDs::create: $err";
debug::log("RRDs::create $err", $args{rrd},'--start', $start - $step,
- '--step', $step,'DS:hits:GAUGE:'.$step.':0:U',
+ '--step', $step,'DS:hits:ABSOLUTE:'.$step.':0:U',
split(' ', $self->{rrdrra})) if(DEBUG);
return undef;
}

--- /usr/src/parselog-cgi-0.04/bin/parselog.cgi 2005-07-20 05:53:27.000000000 -0700
+++ parselog.cgi 2007-02-01 09:49:27.000000000 -0800
@@ -29,6 +29,7 @@
my $base = $ENV{SCRIPT_NAME} || '';
my $path = $ENV{PATH_INFO} || shift(@ARGV) || '';
$path =~ s/^\///g; # remove leading '/'
+debug::log("path $path") if(DEBUG);

my @paths = split('/', $path);
my $mpoint = join(' :: ', @paths);
@@ -221,6 +222,7 @@

my $i = 0;
my $j = 0;
+ my $step = $end->epoch() - $start->epoch();
my $stack = 'AREA';
my $dir = 0;

@@ -254,7 +256,7 @@
$color = $col;
}
}
- push(@args, add_target($e, $stack, $color));
+ push(@args, add_target($e, $stack, $color, $step));
$stack = 'STACK';
$j++;
}
@@ -267,7 +269,7 @@
$color = $col;
}
}
- push(@args, add_target($e, $stack, $color));
+ push(@args, add_target($e, $stack, $color, $step));
$j++;
}

@@ -313,11 +315,13 @@
my $rrd = shift;
my $stack = shift;
my $color = shift;
+ my $step = shift;
my $name = $rrd;

my @args;
my @srcs = (<_*>);
my $cdef = "CDEF:cdef$cdefid=0";
+ my $vdef = "VDEF:vdef$defid=";
foreach my $s (@srcs) {
if (-f "$s/$rrd") {
(my $state = $rrd) =~ s/\.rrd/\.state/;
@@ -331,11 +335,19 @@
}
push(@args, "DEF:def$defid=$s/$rrd:hits:AVERAGE");
$cdef .= ",def$defid,+";
+ $vdef .= "def$defid,TOTAL";
+ $cdef .= ",UN,0,def$defid,$step,*,IF";
$defid++;
}
}
- push(@args, $cdef, "$stack:cdef$cdefid#$color:$name");
- debug::log("Added $name") if(DEBUG);
+
+ push(@args,
+ $cdef,
+ $vdef,
+ "$stack:cdef$cdefid#$color:$name",
+ "GPRINT:vdef$cdefid:Total\:%5.1lf msgs"
+ );
+ debug::log("Added @args") if(DEBUG);

$cdefid++;
return @args;

perl -MConfig -e '($Config{byteorder} == 1234) ? print "$^O is little endian\n" : print "$^O is big endian\n"

linux are in little endian (right to left)

Network byte order,Darwin is big endian (left to right)

Here is my little Perl multi pattern grep script modifed from <<Advanced Perl Programming>>

#!/usr/bin/perl
use strict;
use warnings;

open my $fh, '<', pop(@ARGV) or die "Could not open $ARGV[-1]:$!";

my $code = 'while (<$fh>) {';
$code .= 'if (/';
$code .= join ('/ && /', @ARGV);
$code .= '/) {print $_;}}';
print $code, "\n";
eval $code; #ahh, finally !
#check if faulty regular expressions given as input patterns
die "Error ---: $@\n Code: \n$code\n" if ($@);

Lately, because of Taiwan earth quake, the fabric cable broke between North America and South East Asia, mrt it a good tool to show route and network traffic jam for this case:

# mtr --interval=5 www.chinaunix.net

Host Loss% Snt Last Avg Best Wrst StDev
1. mygw 0.0% 19 0.8 0.8 0.8 0.9 0.0
2. a14-i2.net.ubc.ca 0.0% 19 0.8 0.7 0.6 0.9 0.1
3. 142.103.78.169 0.0% 19 0.4 0.4 0.3 0.4 0.0
4. 207.23.240.54 0.0% 19 0.8 0.8 0.7 1.0 0.1
5. ra1wh-ge4-3-15.vc.bigpipeinc.com 0.0% 19 1.1 5.9 0.9 79.8 18.0
........................................................snip........................................................
8. sl-gw12-sea-1-0.sprintlink.net 0.0% 19 5.5 5.5 5.2 5.8 0.2
14. sl-gw27-stk-8-0.sprintlink.net 0.0% 19 26.2 26.1 25.9 26.5 0.2
15. sl-china7-6-0.sprintlink.net 61.1% 19 525.5 510.7 496.6 525.5 9.0
16. 219.158.3.173 27.8% 19 365.2 391.3 355.9 546.3 56.0
........................................................snip........................................................
22. www84.asd.tj.cn 35.3% 18 510.5 509.6 502.1 518.1 4.6